Skills
skills/tavi-agency/antigravity-awesome-skills/api-patterns/Gen Agent Trust Hub

api-patterns

Pass

Audited by Gen Agent Trust Hub on Feb 28, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill includes a local utility script 'scripts/api_validator.py' which is intended to be executed on a user-provided project directory for static analysis.
  • [PROMPT_INJECTION]: The 'scripts/api_validator.py' script introduces a potential surface for indirect prompt injection due to processing untrusted file content.
  • Ingestion points: The validator reads data from files in the target project path, including source code and API specifications.
  • Boundary markers: There are no explicit markers or boundary instructions used to differentiate between the script's output and the data read from files.
  • Capability inventory: The script has the capability to read files from the local filesystem and is executed via the command line.
  • Sanitization: The script performs regex-based scanning of file contents without sanitizing or escaping the data before analysis.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 28, 2026, 09:52 AM